Unrated severityNVD Advisory· Published Jul 12, 2022· Updated Aug 4, 2024
CVE-2021-44222
CVE-2021-44222
Description
A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems does not perform authentication in the default configuration. This could allow an unauthenticated remote attacker to send arbitrary messages to the service and thereby issue arbitrary requests in the affected system.
Affected products
2<V22.00+ 1 more
- (no CPE)range: <V22.00
- (no CPE)range: All versions < V22.00
Patches
Vulnerability mechanics
References
1- cert-portal.siemens.com/productcert/pdf/ssa-580125.pdfmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.